Re: Max segment size (mss) in NPF

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: Max segment size (mss) in NPF
From: 76nemo76%gmx.ch@localhost
Date: Sun, 1 Jan 2017 10:48:36 +0100

On Sat, Dec 31, 2016 at 11:07:23PM -0500, Thor Lancelot Simon wrote:
> On Sat, Dec 31, 2016 at 10:40:13PM +0100, 76nemo76%gmx.ch@localhost wrote:
> > I plan to make a router with NPF but until now I have mainly
> > worked with the PF packet filter.
> > 
> > To have a correct behaviour of the router, I should limit the maximum
> > segment size for both IPv4 and IPv6. When using PF, the following command
> 
> Why?  Do you have a small-MTU network of some kind on one side of the router?
> 
> -- 
>  Thor Lancelot Simon	                                      tls%panix.com@localhost
> 	
> 			Ring the bells that still can ring.

Normally both sides of the router have the standard MTU of ethernet (1500). I have done
a lot of tests with a Windows 10 machine and I get systematically errors (connexion resets
during FTP, possibility to mount by CIFS a share but then the communication hangs
or even impossibility to mount the share).

Once, by chance, I have noticed that the Windows 10 machine seems to use a packet length
of 1514.

After I have forced a lower segment size, the problems have disappear. 

If I do the same manipulations without the router (in fact on the same switch) everything
works flawlessly. This should indicate that the hardware (cable, switch) are OK.

Alan

References:
- Max segment size (mss) in NPF
  - From: 76nemo76
- Re: Max segment size (mss) in NPF
  - From: Thor Lancelot Simon

Prev by Date: Re: Max segment size (mss) in NPF
Next by Date: Dual-boot Linux and NetBSD with SYSLINUX
Previous by Thread: Re: Max segment size (mss) in NPF
Next by Thread: Dual-boot Linux and NetBSD with SYSLINUX
Indexes:

Home | Main Index | Thread Index | Old Index